[gnutls-devel] GnuTLS | gnutls_init: Always initialize *session (!1652)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Mon Oct 17 02:28:05 CEST 2022

Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1652 was reviewed by Sam James

  <!-- Get preloaded note discussion-->
Sam James commented on a discussion on lib/pkcs11_privkey.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1652#note_1137210016

>  	(*key)->uinfo = p11_kit_uri_new();
>  	if ((*key)->uinfo == NULL) {
>  		free(*key);

There's almost a way, but it doesn't seem to work for gnutls' setup:
./../includes/gnutls/gnutls.h:2346:1: warning: 'malloc' attribute ignored; valid only for functions [-Wattributes]
 2346 | extern _SYM_EXPORT gnutls_alloc_function gnutls_malloc;
      | ^~~~~~

Rough diff without autotools wiring up for checking support in compiler:
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 9b700e03f..f47e6cac4 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -2341,10 +2341,13 @@ typedef void *(*gnutls_realloc_function) (void *, size_t);
 void gnutls_global_set_time_function(gnutls_time_func time_func);

 /* For use in callbacks */
+extern _SYM_EXPORT gnutls_free_function gnutls_free;
+__attribute__ ((malloc (gnutls_free, 1)))
 extern _SYM_EXPORT gnutls_alloc_function gnutls_malloc;
+__attribute__ ((malloc (gnutls_free, 1)))
 extern _SYM_EXPORT gnutls_realloc_function gnutls_realloc;
+__attribute__ ((malloc (gnutls_free, 1)))
 extern _SYM_EXPORT gnutls_calloc_function gnutls_calloc;
-extern _SYM_EXPORT gnutls_free_function gnutls_free;

 #define gnutls_free(a) gnutls_free((void *) (a)), a=NULL

Take a look at:
- https://developers.redhat.com/blog/2021/04/30/detecting-memory-management-bugs-with-gcc-11-part-1-understanding-dynamic-allocation#attribute_malloc (this is the main one)
- https://developers.redhat.com/blog/2021/01/28/static-analysis-updates-in-gcc-11
- https://developers.redhat.com/articles/2022/04/12/state-static-analysis-gcc-12-compiler

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1652
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20221017/7b6e9d40/attachment.html>

More information about the Gnutls-devel mailing list